Despite mounting concerns about the consequences of a cyber attack on their customers and reputations, many leading European organizations are still taking an immature approach to cyber risk and have yet to fully embed cyber threats into their risk management strategies as a result.

According to the findings of Marsh’s 2013 Cyber Risk Survey, conducted at the firm’s annual Digital Threats conference, 71 percent of respondents said that their concerns around cyber risk have increased in the last 12 months. Further, 54 percent stated that their organization had recently been subjected to a cyber attack.

While 17 percent of respondents believe that the financial impact of a cyber attack could potentially cost their organization in excess of $5m, 22 percent admitted that their organization had not conducted a dedicated cyber risk financial impact assessment.

On their organizations’ perceived existing cyber risk maturity level, only 23 percent believed that management of cyber risk is fully embedded and optimised within their firms.

Stephen Wares, EMEA Cyber Risk Leader at Marsh, commented: “The spectre of a cyber attack evidently looms large among the risks that risk managers believe could threaten the continued success of their organizations. Despite this, it would seem that in the majority of firms, cyber risk is still largely misunderstood and many struggle to implement a clear strategy to tackle it effectively.”

Marsh’s survey also found that only 12 percent of respondents stated that their organization currently purchased cyber insurance cover, despite 76 percent stating that they were familiar with the products available.

Mr Wares added: “The fact that so few respondents buy cyber insurance, despite high product awareness, is a clear indication that the insurance industry has more work to do in educating clients and developing cover that will adequately respond to their needs.”